Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The 'should' npm package is an expressive, readable, framework-agnostic assertion library for Node.js and browsers. It extends the 'Object.prototype' with a single non-enumerable getter that allows you to express how your code should behave in a readable way. It can be used for writing tests and supports both BDD (Behavior-Driven Development) and TDD (Test-Driven Development) styles.
Chainable Assertions
Allows chaining multiple assertions together for readability and expressiveness.
should(value).be.exactly(42).and.be.a.Number();
Type Assertions
Provides assertions to check the type of a variable.
should('test').be.a.String();
Number Assertions
Includes assertions specifically for numbers, such as checking if a number is within a range.
should(10).be.above(5).and.below(15);
Property Assertions
Allows asserting the presence and value of an object's property.
should({ name: 'Alice', age: 25 }).have.property('name', 'Alice');
Equality Assertions
Enables asserting deep equality between objects or arrays.
should([1, 2, 3]).eql([1, 2, 3]);
Error Assertions
Provides a way to assert that a function throws an error.
should(function() { throw new Error('fail'); }).throw();
Chai is a BDD / TDD assertion library for node and the browser that can be delightfully paired with any javascript testing framework. It offers similar functionality to 'should' with chainable assertions but has a different syntax and additional interfaces like 'expect' and 'assert'.
Expect.js is a minimalistic BDD-style assertions library that can be used in Node.js or in the browser. It provides a similar API to 'should' but does not extend 'Object.prototype', which can be a desirable feature for some users to avoid potential conflicts.
Assert is a module that provides a simple set of assertion tests that can be used to test invariants. It is built into Node.js and offers a more traditional TDD assertion style, which is different from the BDD style provided by 'should'.
Jest is a delightful JavaScript Testing Framework with a focus on simplicity. It comes with its own assertion library and test runner. While it provides similar assertion capabilities, it is more than just an assertion library as it includes testing utilities and is often used as a complete testing solution.
should is an expressive, readable, test framework agnostic, assertion library for node.
It extends the Object prototype with a single non-enumerable getter that allows you to express how that object should behave.
should literally extends node's assert module, for example should.equal(str, 'foo')
will work, just as assert.equal(str, 'foo')
would, and should.AssertionError
is assert.AssertionError
, meaning any test framework supporting this constructor will function properly with should.
var user = {
name: 'tj'
, pets: ['tobi', 'loki', 'jane', 'bandit']
};
user.should.have.property('name', 'tj');
user.should.have.property('pets').with.lengthOf(4);
// or without Object.prototype, for guys how did Object.create(null)
should(user).have.property('name', 'tj');
someAsyncTask(foo, function(err, result){
should.not.exist(err);
should.exist(result);
result.bar.should.equal(foo);
});
$ npm install should
As mentioned above, should extends node's assert. The returned object from require('should')
is thus similar to the returned object from require('assert')
, but it has one extra convenience method:
should.exist('hello')
should.exist([])
should.exist(null) // will throw
This is equivalent to should.ok
, which is equivalent to assert.ok
, but reads a bit better. It gets better, though:
should.not.exist(false)
should.not.exist('')
should.not.exist({}) // will throw
We may add more assert extras in the future... ;)
Some assertions can be chained, for example if a property is volatile we can first assert property existence:
user.should.have.property('pets').with.lengthOf(4)
which is essentially equivalent to below, however the property may not exist:
user.pets.should.have.lengthOf(4)
our dummy getters such as and also help express chaining:
user.should.be.a('object').and.have.property('name', 'tj')
The returned object from require('should')
is the same object as require('assert')
. So you can use should
just like assert
:
should.fail('expected an error!')
should.strictEqual(foo, bar)
In general, using the Object prototype's should is nicer than using these assert
equivalents, because should gives you access to the expressive and readable language described above:
foo.should.equal(bar) // same as should.strictEqual(foo, bar) above
The only exception, though, is when you can't be sure that a particular object exists. In that case, attempting to access the should property may throw a TypeError:
foo.should.equal(bar) // throws if foo is null or undefined!
For this case, require('should')
extends require('assert')
with an extra convenience method to check whether an object exists:
should.exist({})
should.exist([])
should.exist('')
should.exist(0)
should.exist(null) // will throw
should.exist(undefined) // will throw
You can also check the negation:
should.not.exist(undefined)
should.not.exist(null)
should.not.exist('') // will throw
should.not.exist({}) // will throw
Once you know an object exists, you can safely use the should property on it.
Assert truthfulness:
true.should.be.ok
'yay'.should.be.ok
(1).should.be.ok
or negated:
false.should.not.be.ok
''.should.not.be.ok
(0).should.not.be.ok
Assert === true:
true.should.be.true
'1'.should.not.be.true
Assert === false:
false.should.be.false
(0).should.not.be.false
Assert Arguments
:
var args = (function(){ return arguments; })(1,2,3);
args.should.be.arguments;
[].should.not.be.arguments;
Asserts that length is 0:
[].should.be.empty
''.should.be.empty
({ length: 0 }).should.be.empty
equality:
({ foo: 'bar' }).should.eql({ foo: 'bar' })
[1,2,3].should.eql([1,2,3])
strict equality:
should.strictEqual(undefined, value)
should.strictEqual(false, value)
(4).should.equal(4)
'test'.should.equal('test')
[1,2,3].should.not.equal([1,2,3])
Assert inclusive numeric range:
user.age.should.be.within(5, 50)
Assert floating point number:
(99.99).should.be.approximately(100, 0.1);
Assert typeof:
user.should.be.a('object')
'test'.should.be.a('string')
Assert instanceof or instanceOf:
user.should.be.an.instanceof(User)
[].should.be.an.instanceOf(Array)
Assert numeric value above the given value:
user.age.should.be.above(5)
user.age.should.not.be.above(100)
Assert numeric value below the given value:
user.age.should.be.below(100)
user.age.should.not.be.below(5)
Assert regexp match:
username.should.match(/^\w+$/)
Assert length property exists and has a value of the given number:
user.pets.should.have.length(5)
user.pets.should.have.a.lengthOf(5)
Aliases: lengthOf
Assert property exists and has optional value:
user.should.have.property('name')
user.should.have.property('age', 15)
user.should.not.have.property('rawr')
user.should.not.have.property('age', 0)
Assert own property (on the immediate object):
({ foo: 'bar' }).should.have.ownProperty('foo')
Asserts that .statusCode
is code
:
res.should.have.status(200);
Asserts that a .headers
object with field
and optional value
are present:
res.should.have.header('content-length');
res.should.have.header('Content-Length', '123');
res.should.have.header('content-length', '123');
Assert that Content-Type is "application/json; charset=utf-8"
res.should.be.json
Assert that Content-Type is "text/html; charset=utf-8"
res.should.be.html
Assert that the given obj
is present via indexOf()
, so this works for strings, arrays, or custom objects implementing indexOf.
Assert array value:
[1,2,3].should.include(3)
[1,2,3].should.include(2)
[1,2,3].should.not.include(4)
Assert substring:
'foo bar baz'.should.include('foo')
'foo bar baz'.should.include('bar')
'foo bar baz'.should.include('baz')
'foo bar baz'.should.not.include('FOO')
Assert object includes another object:
var tobi = { name: 'Tobi', age: 1 };
var jane = { name: 'Jane', age: 5 };
var user = { name: 'TJ', pet: tobi };
user.should.include({ pet: tobi });
user.should.include({ pet: tobi, name: 'TJ' });
user.should.not.include({ pet: jane });
user.should.not.include({ name: 'Someone' });
Assert that an object equal to the given obj
is present in an Array:
[[1],[2],[3]].should.includeEql([3])
[[1],[2],[3]].should.includeEql([2])
[[1],[2],[3]].should.not.includeEql([4])
Assert an exception is thrown:
(function(){
throw new Error('fail');
}).should.throw();
Assert an exception is not thrown:
(function(){
}).should.not.throw();
Assert exepection message matches string:
(function(){
throw new Error('fail');
}).should.throw('fail');
Assert exepection message matches regexp:
(function(){
throw new Error('failed to foo');
}).should.throw(/^fail/);
An alias of throw
, its purpose is to be an option for those who run
jshint in strict mode.
(function(){
throw new Error('failed to baz');
}).should.throwError(/^fail.*/);
Assert that string starts with str
.
'foobar'.should.startWith('foo')
'foobar'.should.not.startWith('bar')
Assert that string ends with str
.
'foobar'.should.endWith('bar')
'foobar'.should.not.endWith('foo')
Assert own object keys, which must match exactly, and will fail if you omit a key or two:
var obj = { foo: 'bar', baz: 'raz' };
obj.should.have.keys('foo', 'baz');
obj.should.have.keys(['foo', 'baz']);
As it can often be difficult to ascertain exactly where failed assertions are coming from in your tests, an optional description parameter can be passed to several should matchers. The description will follow the failed assertion in the error:
(1).should.eql(0, 'some useful description')
AssertionError: expected 1 to equal 0 | some useful description
at Object.eql (/Users/swift/code/should.js/node_modules/should/lib/should.js:280:10)
...
The methods that support this optional description are: eql
, equal
, within
, a
, instanceof
, above
, below
, match
, length
, property
, ownProperty
, include
, and includeEql
.
For example you can use should with the Expresso TDD Framework by simply including it:
var lib = require('mylib')
, should = require('should');
module.exports = {
'test .version': function(){
lib.version.should.match(/^\d+\.\d+\.\d+$/);
}
};
To run the tests for should simply update your git submodules and run:
$ make test
Yes, yes it does, with a single getter should, and no it won't break your code, because it does this properly with a non-enumerable property.
(The MIT License)
Copyright (c) 2010-2011 TJ Holowaychuk <tj@vision-media.ca> Copyright (c) 2011 Aseem Kishore <aseem.kishore@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
1.3.0 / 2013-09-13
FAQs
test framework agnostic BDD-style assertions
The npm package should receives a total of 1,220,365 weekly downloads. As such, should popularity was classified as popular.
We found that should demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.